Jordan Borean jborean93
jborean93
/ Get-ServiceDacl.ps1
Last active
November 28, 2024 12:54
Get the Service SecurityDescriptor in a human friendly format
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright: (c) 2024, Jordan Borean (@jborean93) <[email protected]> | |
| # MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
| Function Get-ServiceDacl { | |
| <# | |
| .SYNOPSIS | |
| Gets the service DACL entries. | |
| .DESCRIPTION | |
| Gets all the DACL entries for the service(s) specified. |
jborean93
/ Get-PowerShellAssemblyMetadata.ps1
Created
January 27, 2024 21:30
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright: (c) 2024, Jordan Borean (@jborean93) <[email protected]> | |
| # MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
| Function Get-PowerShellAssemblyMetadata { | |
| <# | |
| .SYNOPSIS | |
| Gets the cmdlets and aliases in a dotnet assembly. | |
| .PARAMETER Path | |
| The assembly to inspect. |
jborean93
/ Test-Tls.ps1
Last active
May 20, 2024 19:28
Tests the TLS connection by doing a client hello with the hostname specified
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright: (c) 2024, Jordan Borean (@jborean93) <[email protected]> | |
| # MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
| Function Test-Tls { | |
| [CmdletBinding()] | |
| param ( | |
| [Parameter(Mandatory)] | |
| [string] | |
| $HostName, |
jborean93
/ tls_web_server.py
Last active
February 22, 2024 20:16
A test HTTP server with TLS enabled to test out some TLS behaviour for web based commands
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| """Test TLS Enabled Web Server | |
| A script that can start a temporary TLS enabled web server. This server | |
| supports a basic GET request and will return metadata on the request from the | |
| client. By default it will create an ephemeral certificate when starting up but | |
| a custom certificate can be provided. Also supports client authentication by | |
| providing a CA bundle to use for verification or using --tls-client-auth to | |
| generate a new set of keys. |
jborean93
/ winrm_with_gssapi.py
Created
November 28, 2023 00:34
Test WinRM with GSSAPI authentication in Python
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from __future__ import annotations | |
| import base64 | |
| import gssapi | |
| import io | |
| import re | |
| import requests | |
| import struct | |
| import sys | |
| import typing as t |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| NOTE: Must be run in Windows PowerShell (5.1), PowerShell (7+) cannot create standalone exes. | |
| This is designed to create a simple exe that can be used to spawn any console | |
| application with a hidden Window. As NoGui.exe is a GUI executable it won't | |
| spawn with an associated console window and can be used to then create a new | |
| process with a hidden console window with the arguments it was created with. | |
| By default, NoGui will spawn the child process with same stdio handles as |
jborean93
/ New-S4UAccessToken.ps1
Last active
August 27, 2024 14:01
Generates a Win32 Access Token using S4U (no password required)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright: (c) 2023, Jordan Borean (@jborean93) <[email protected]> | |
| # MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
| #Requires -Module Ctypes | |
| Function New-S4UAccessToken { | |
| <# | |
| .SYNOPSIS | |
| Generates an S4U access token. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright: (c) 2023, Jordan Borean (@jborean93) <[email protected]> | |
| # MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
| class EncodingTransformAttribute : System.Management.Automation.ArgumentTransformationAttribute { | |
| [object] Transform([System.Management.Automation.EngineIntrinsics]$engineIntrinsics, [object]$InputData) { | |
| $result = switch ($InputData) { | |
| { $_ -is [System.Text.Encoding] } { $_ } | |
| { $_ -is [string] } { | |
| switch ($_) { |
jborean93
/ linux_print_argv.c
Last active
October 30, 2023 22:25
Code that can be used to generate an executable that can print how it receives arguments
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include<stdio.h> | |
| // gcc print_argv.c -o print_argv | |
| int main(int argc, char *argv[]) | |
| { | |
| int i; | |
| for(i = 1;i < argc;i++) | |
| { | |
| printf("[%d] %s\n", i, argv[i]); |
jborean93
/ TightVNC Password.ps1
Created
August 15, 2023 11:44
Code that can encrypt or decrypt TightVNC server passwords
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Function ConvertTo-EncryptedVNCPassword { | |
| [OutputType([byte[]])] | |
| [CmdletBinding()] | |
| param ( | |
| [Parameter(Mandatory)] | |
| [SecureString] | |
| $Password | |
| ) | |
| # This is hardcoded in VNC applications like TightVNC. |